Robbie Gemmell created QPID-4308:
------------------------------------
Summary: ACL v2 spec does not allow permissioning of publication
to the default exchange
Key: QPID-4308
URL: https://issues.apache.org/jira/browse/QPID-4308
Project: Qpid
Issue Type: Bug
Components: Java Broker
Reporter: Robbie Gemmell
The ACL v2 spec does not allow appear to allow permissioning of the default
exchange. This is okay for BIND/UNBIND operations as the default exchange role
is to maintain a list of all queues and should not be directly modifiable by
the user.
However, the user does need to be able to permission PUBLISH to the default
exchange, but we lack a way to express it as the default exchange has no name
that can be referred to in a rule.
At the moment, in the Java Broker at least we can work around:
1. Explicitly allow all named exchanges.
acl allow all publish exchange name=amq.direct
acl allow all publish exchange name=amq.topic
2. And deny all others (this will include the default exchange)
acl deny all publish exchange
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
